Computer and Information Security

Final Project 2014

IMPORTANT DATES

  • Proposals Due: Apri 7
  • Draft/Progress Report Due: April 21
  • Report/Slides Due: Apri 28
  • Persentations: April 28, 30, May 2

Presentation Schedule

PROPOSAL (20%) GUIDELINES

The proposal should be a one-page document containing project topic, a summary of what you plan to do with the topic, your goal and the expected result. It also needs to include a time-table to show your expectation on the progress of the project. This is an INDIVIDUAL project, you will not work in teams.

PRESENTATION (40%) GUIDELINES

You should prepare a 15 minute presentation, using PowerPoint or other supplementary tools. Presentations should be self-contained, and should be clear and precise. It should contain the following information:
(1) Outline. Summarize the full presentation.
(2) Introduction. Introduce the purpose and goals of the project. Provide any background material necessary to understand the presentation.
(3) Investigation, development, or experimentation conducted. Describe the actual work performed during the project.
(4) Results. Show any demonstrations developed or results achieved during the project.
(5) Conclusion.
(6) Questions and discussion.

Item Max Score Comments
Outline 10    
Introduction 10    
Investigation 30    
Results 30    
Conclusion 20    
Total 100    

REPORT (40%) GUIDELINES

A written technical report with no more than 10 pages is expected. The project report should be neat, readable, and self-contained. The report should contain a more detailed explanation of the materials covered in the presentation. Adequate references and/or background materials must be given in the report. You may use tables, diagrams, graphs, and figures to enhance readers' comprehension of your project. The report needs to be turned in as a hard copy on the due day.

GENERAL GUIDELINES

Plagiarism is defined as the use, without proper acknowledgment, of the ideas, phrases, sentences, or larger units of discourse from another writer or speaker. Please cite the sources where you obtain the ideas from.

LIST OF TOPICS

Below are some sample topic. You may use these, modifications of these, or roll your own from scratch. Your project may be research oriented, setup and testing oriented, or can include the actual development of a software system.

GSM Security and Encryption

The motivation for security in cellular telecommunication systems is to secure conversations and signaling data from interception as well as to prevent cellular telephone fraud. Investigate the security system embedded in GSM (Group Special Mobile) system, which is a European standard, is currently in use on almost every continent. Topics to cover: overview, authentication, signaling and data confidentiality, subscriber identity confidentiality, encryption algorithms, and conclusions.
http://www.gsmworld.com/index.shtml

Encryption at OSI Layers

The relative advantages and disadvantages of implementing cryptographic protocols at the application layer (layer 7), network layer (layer 3) and transport layer (layer 4) of the OSI basic reference model.

Electronic Voting

Electronic voting is a scheme that involving using electronic tools to submit a vote and count the total number of votes. Focus on the requirements, protocols, encryption scheme used or suggested in electronic voting. Survey several existing methods or software that are available for electronic voting. Discuss why it hasn’t become popular.

Security Structure of MVNU Campus Network

What do we have to secure our campus network and computers? Investigate the types of security services such as authentication, access control, network monitoring and etc. on our campus. Find out the software or security standards that our IT employed.

Symmetric Encryption Algorithms

Survey all the available implementations for symmetric encryption algorithms (DES, RSA, and/or others) that we discussed in class. Compare several different implementations of them. Develop and conduct performance analysis of the implementations, for example, measuring the key generation and encryption/ decryption times. Compare observed performance differences and differences in implementation techniques.

Encryption Algorithm Implementation

Implement one of the encryption algorithms, symmetric or asymmetric, discussed in class. Write a document to describe the structure of your program, the format for input and output. Discuss the difficulties experienced in the process of implementation.

Commercial Security Software Comparisons

Compare the existing security software package on the market today. Discuss the functionalities each of them offer and compare the similarity and difference between those functionalities. Also discuss issues such as the difficulty of software installation/setup, the price of the software, and technical support from the software company.

Hackers on Campus

Survey the hacking attacks happened at universities. Describe the event including what systems were compromised, what techniques the hacker used, how the school detected the attack, which system/structure the school fixed to improve the security, and what kind of punishments was issued to the hacker.

Virus/Worms

Survey and study the noticeable virus/worms, such as Code Red and Nimda, in recent years. Describe how the virus/worm works, what kind of vulnerability it takes advantage of, how serious the infection was, and how to recover from the damage. Based on your survey on those historical events, discuss what might be the major threat in incoming years.
http://en.wikipedia.org/wiki/Notable_computer_viruses_and_worms

Information Privacy

Privacy is an important issue in computer security, as it is somehow provided in security services of authentication and confidentiality. As the Internet and online shopping grow, privacy has become a significant concern in recent years. Examine and discuss how privacy relates to the Internet, especially in e-mail and web access. Describe what kind of data a web server may keep and how this information may affect users’ privacy. Study the privacy policy provided by a web-based company such as Google or YouTube .

Intrusion Detection and Prevention

Survey several existing intrusion detection systems, for example, Snort, OSSEC, Endian and/or Squil. Discuss the similarity and difference between these systems. Go beyond the labs in class and implement a complete solution and test it with an open Internet Connection.

Penetration Testing

Do a complete penetration test of the www.dougkarl.com. Provide a complete analysis of the results.


-- JimSkon - 2012-04-02

Topic revision: r1 - 2014-03-20 - JimSkon
 
This site is powered by the TWiki collaboration platformCopyright &© by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback